go.threatstack.com Open in urlscan Pro
104.17.72.206 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00
Effective URL:
https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVox...
Submission: On February 04 via manual (February 4th 2020, 10:02:38 pm UTC) from US

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 15 domains to perform 63 HTTP transactions. The main IP is 104.17.72.206, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.threatstack.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on June 17th 2019. Valid for: a year.

This is the only time go.threatstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.96.80 104.16.96.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:51c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.101.176.176 95.101.176.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
5	95.100.75.224 95.100.75.224	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
1	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	143.204.214.90 143.204.214.90	16509 (AMAZON-02) (AMAZON-02)
5	93.184.220.178 93.184.220.178	15133 (EDGECAST) (EDGECAST)
1	23.111.9.64 23.111.9.64	33438 (HIGHWINDS2) (HIGHWINDS2)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
4	35.169.141.254 35.169.141.254	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
5	192.28.146.117 192.28.146.117	53580 (MARKETO) (MARKETO)
63	20

1 104.17.70.206 (United States)

ASN13335 (CLOUDFLARENET, US)

info.threatstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.17.72.206 (United States)

ASN13335 (CLOUDFLARENET, US)

go.threatstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.96.80 (United States)

ASN13335 (CLOUDFLARENET, US)

na-ab19.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:51c3 (United States)

ASN13335 (CLOUDFLARENET, US)

threatstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.176.176 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-176-176.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.75.224 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-224.deploy.static.akamaitechnologies.com

sjrtp7-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN53580 (MARKETO, US)

463-fkf-758.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.214.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-90.fra53.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 93.184.220.178 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.169.141.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-141-254.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scout.us1.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.28.146.117 (United States)

ASN53580 (MARKETO, US)

sjrtp7.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	threatstack.com info.threatstack.com go.threatstack.com threatstack.com	379 KB
11	marketo.com na-ab19.marketo.com sjrtp7-cdn.marketo.com rtp-static.marketo.com sjrtp7.marketo.com	141 KB
6	google-analytics.com 1 redirects www.google-analytics.com	18 KB
5	salesloft.com scout-cdn.salesloft.com scout.salesloft.com scout.us1.salesloft.com	4 KB
5	bizible.com cdn.bizible.com	34 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
2	driftt.com js.driftt.com	45 KB
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	305 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	marketo.net munchkin.marketo.net	6 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	mktoresp.com 463-fkf-758.mktoresp.com	303 B
1	googletagmanager.com www.googletagmanager.com	26 KB
63	15

	Domain	Requested by
20	go.threatstack.com	info.threatstack.com go.threatstack.com
6	www.google-analytics.com	1 redirects www.googletagmanager.com
5	sjrtp7.marketo.com	sjrtp7-cdn.marketo.com cdn.bizible.com
5	cdn.bizible.com	www.googletagmanager.com go.threatstack.com cdn.bizible.com
4	rtp-static.marketo.com	sjrtp7-cdn.marketo.com
3	threatstack.com	go.threatstack.com
2	scout.us1.salesloft.com	go.threatstack.com
2	scout.salesloft.com	scout-cdn.salesloft.com cdn.bizible.com
2	px.ads.linkedin.com	1 redirects go.threatstack.com
2	js.driftt.com	info.threatstack.com js.driftt.com
2	www.google.de	go.threatstack.com
2	www.google.com	1 redirects go.threatstack.com
2	munchkin.marketo.net	go.threatstack.com munchkin.marketo.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	scout-cdn.salesloft.com	info.threatstack.com
1	snap.licdn.com	info.threatstack.com
1	www.googleadservices.com	www.googletagmanager.com
1	463-fkf-758.mktoresp.com	munchkin.marketo.net
1	stats.g.doubleclick.net	1 redirects
1	sjrtp7-cdn.marketo.com	info.threatstack.com
1	www.googletagmanager.com	go.threatstack.com
1	na-ab19.marketo.com	go.threatstack.com
1	info.threatstack.com
63	24

This site contains links to these domains. Also see Links.

Domain
www.threatstack.com

Subject Issuer	Validity	Valid
info.threatstack.com CloudFlare Inc ECC CA-2	`2019-06-17` - `2020-06-16`	a year	crt.sh
go.threatstack.com CloudFlare Inc ECC CA-2	`2019-06-17` - `2020-06-16`	a year	crt.sh
na-ab19.marketo.com CloudFlare Inc ECC CA-2	`2020-01-22` - `2020-10-09`	9 months	crt.sh
threatstack.com DigiCert SHA2 Extended Validation Server CA	`2019-07-31` - `2021-08-04`	2 years	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2018-12-15` - `2020-03-15`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-01-14` - `2020-04-07`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh
cdn.bizible.com Go Daddy Secure Certificate Authority - G2	`2019-03-14` - `2021-04-13`	2 years	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-23` - `2021-03-23`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Frame ID: 0DD46B8B8C48516E361F3DCB7CBA1B56
Requests: 62 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 487FB567A37BF272051B1A4B3BA02237
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00 Page URL
https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

63
Requests

100 %
HTTPS

45 %
IPv6

15
Domains

24
Subdomains

20
IPs

6
Countries

668 kB
Transfer

1567 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.threatstack.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.threatstack.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.threatstack.com/security
Title: Security

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00 Page URL
https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=387479823&t=pageview&_s=1&dl=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&dr=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&ul=en-us&de=UTF-8&dt=Webinar%20Registration&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=2140391806&gjid=1882332977&cid=1270152122.1580853744&tid=UA-45015654-1&_gid=1540645646.1580853744&_r=1&gtm=2wg1m0NWSQ37&z=8407081 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_gid=1540645646.1580853744&gjid=1882332977&_v=j80&z=8407081 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_v=j80&z=8407081 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_v=j80&z=8407081&slf_rd=1&random=812286495

Request Chain 36

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=376172&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&time=1580853744025 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D376172%26url%3Dhttps%253A%252F%252Fgo.threatstack.com%252Fapp-attack-sim.html%253Fmkt_tok%253DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%25253D%26time%3D1580853744025%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=376172&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&time=1580853744025&liSync=true

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 S02D1j0WFFK0405s0s0004YD0SH00 Show response
info.threatstack.com/ 609 B
1 KB 886ms
629ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.70.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

387a1453ecb35b72b3d8713369e7167b600472880b0b34fa496eb8f9e0c7d728

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: info.threatstack.com
:scheme: https
:path: /S02D1j0WFFK0405s0s0004YD0SH00
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Tue, 04 Feb 2020 22:02:22 GMT
content-type: text/html
set-cookie: __cfduid=dbc686c38e0964ef67d6e5b8030f8ab311580853742; expires=Thu, 05-Mar-20 22:02:22 GMT; path=/; domain=.info.threatstack.com; HttpOnly; SameSite=Lax BIGipServersj_mailtracking_http=!KUGpomuCykNMd47InuzRy4alk/3R/pUwql5ugz+zSCif4X6eBx3JDMeDFZlgoF2EzCed5qIY4v5c4/U=; path=/; Httponly; Secure __cf_bm=62a126ce82614c379826f7e97fb5d14d0458a04f-1580853742-1800-Ad/OKUcRGfM4O0iZKzBov7/954OCRnHQZwySZf1ATawFr1nrFB+CP1A7e7R2CV1z/aA0mMuOVqHBtP2WShBvzkM=; path=/; expires=Tue, 04-Feb-20 22:32:22 GMT; domain=.info.threatstack.com; HttpOnly; Secure; SameSite=None
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55ffedb05b93dbfb-LHR
content-encoding: gzip

GET
H2 200 Primary Request app-attack-sim.html Show response
go.threatstack.com/ 40 KB
10 KB 652ms
408ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D

Requested by

Host: info.threatstack.com
URL: https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c89d83668b8c076acf42e3003644505f7e6d79da34e0dc497efa7eedb7d72d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.threatstack.com
:scheme: https
:path: /app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-site
sec-fetch-mode: navigate
referer: https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00

Response headers

status: 200
date: Tue, 04 Feb 2020 22:02:23 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de87ce666cb29973d39479538bd81d48c1580853743; expires=Thu, 05-Mar-20 22:02:23 GMT; path=/; domain=.go.threatstack.com; HttpOnly; SameSite=Lax BIGipServersj20web-nginx-app_https=!pEbQEx0aPQSohyPInuzRy4alk/3R/kzdbn3nLJsbp6YXD3t+C8lmvydn+s20ENi5pDUifQk3MXj4Pog=;Path=/;Version=1;Secure;Httponly __cf_bm=1f4bb2aeae698a309bf72b27f5c54cb1154eb9f9-1580853743-1800-AavUmHavw20X6gxRcs8HENs5LXhSPxTPBQzfl+TbLZy3y1orZpDIkae4l2pRnkDJfsuIUOl1gjUl82o2eTW0Xr4=; path=/; expires=Tue, 04-Feb-20 22:32:23 GMT; domain=.go.threatstack.com; HttpOnly; Secure; SameSite=None
p3p: CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
vary: *,Accept-Encoding
x-content-type-options: nosniff
x-cache-status: BYPASS
x-mkto-nginx-cache: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 55ffedb6097e6b53-LHR
content-encoding: gzip

GET
H2 200 mktLPSupportCompat.css
go.threatstack.com/css/ 2 KB
783 B 186ms
186ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/css/mktLPSupportCompat.css

Requested by

Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 635
last-modified: Wed, 15 Jan 2020 18:37:43 GMT
server: cloudflare
etag: "a4033d-633-59c320105abc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 55ffedb8abd06b53-LHR
expires: Wed, 05 Feb 2020 02:02:23 GMT

GET
H2 200 bootstrap.css
na-ab19.marketo.com/rs/398-CQS-166/images/ 129 KB
20 KB 298ms
129ms Stylesheet
text/css 104.16.96.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://na-ab19.marketo.com/rs/398-CQS-166/images/bootstrap.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d08f291bcb83079b1333094f4c021641b33182915b5e74ae8bddf5d7b4fd4698

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Sat, 18 Jan 2020 23:56:36 GMT
server: cloudflare
etag: "2440454-205c2-59c72cefe2de9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
cf-ray: 55ffedb9b930e68c-LHR
content-length: 19516

GET
H2 200 external-styles.min.css
go.threatstack.com/rs/463-FKF-758/images/ 30 KB
7 KB 180ms
180ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/external-styles.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3a3b79787d6827e01289f2bedd3b6d7a6ce22312f75670f7f828a4cc14348c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 7044
last-modified: Sun, 19 Jan 2020 14:48:44 GMT
server: cloudflare
etag: "1220560-78e1-59c7f4583bb08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedb8abd36b53-LHR
expires: Tue, 04 Feb 2020 22:03:23 GMT

GET
H2 200 style.css
go.threatstack.com/rs/463-FKF-758/images/ 9 KB
2 KB 176ms
176ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/style.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21d8bce7f93483ce0a78609af0f6b5a047eb060997b4928e3fb03d4bd8467266

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 2263
last-modified: Sun, 19 Jan 2020 14:48:44 GMT
server: cloudflare
etag: "1220561-2208-59c7f4583bef0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedb8abd46b53-LHR
expires: Tue, 04 Feb 2020 22:03:23 GMT

GET
H2 200 threat-stack-logo-reverse-500px.png
go.threatstack.com/rs/463-FKF-758/images/ 27 KB
27 KB 226ms
226ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/threat-stack-logo-reverse-500px.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

496256258aa3081dbd5b1d4087d5dc74ebe1b117b3bd36e32ff8ffa741443c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Jan 2020 16:30:39 GMT
server: cloudflare
etag: "1220e75-6a4d-59ce54739363b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedb8abd66b53-LHR
content-length: 27213
expires: Tue, 04 Feb 2020 22:03:23 GMT

GET
H2 200 forms2.min.js Show response
go.threatstack.com/js/forms2/js/ 169 KB
57 KB 186ms
186ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/js/forms2/js/forms2.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6e7e0830124ea580b3f0de0da80ba48a45d9df9d7c092af0f47c63ed0692578

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 Jan 2020 18:37:37 GMT
server: cloudflare
etag: "c20560-2a546-59c3200aa1e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=14400
strict-transport-security: max-age=63113904
cf-ray: 55ffedb8abd56b53-LHR
expires: Wed, 05 Feb 2020 02:02:23 GMT

GET
H2 200 sessionm-logo.png
threatstack.com/wp-content/uploads/2017/09/ 13 KB
14 KB 67ms
23ms Image
image/png 2606:4700::6811:51c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatstack.com/wp-content/uploads/2017/09/sessionm-logo.png
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:51c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9711b3826b42c29d3a88964bb4b542dd64ae2f000a5ef23cec6fc52fd20958d8

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
cf-cache-status: HIT
age: 9070
status: 200
content-length: 13754
last-modified: Sat, 23 Nov 2019 13:13:55 GMT
server: cloudflare
etag: "5dd93093-35ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.threatstack.com
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55ffedbb5a08d6c9-FRA
expires: Wed, 03 Feb 2021 22:02:23 GMT

GET
H2 200 zuora-logo.png
threatstack.com/wp-content/uploads/2017/09/ 9 KB
9 KB 64ms
21ms Image
image/png 2606:4700::6811:51c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatstack.com/wp-content/uploads/2017/09/zuora-logo.png
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:51c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 414777c2a28e0a9a179bdfcba83b678d33fc73cca58aa7a2dd1190ecac2f93d3

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
cf-cache-status: HIT
age: 9070
status: 200
content-length: 9243
last-modified: Sat, 23 Nov 2019 13:13:55 GMT
server: cloudflare
etag: "5dd93093-241b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.threatstack.com
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55ffedbb5a0bd6c9-FRA
expires: Wed, 03 Feb 2021 22:02:23 GMT

GET
H2 200 highfive.png
go.threatstack.com/rs/463-FKF-758/images/ 18 KB
18 KB 190ms
187ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/highfive.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19bed22e06b1c797c59db4fc9a38b8c5582e499559a86cf940ae84163b8b5799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Jan 2020 14:48:44 GMT
server: cloudflare
etag: "1220562-4654-59c7f4583ce91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedbb2df96b53-LHR
content-length: 18004
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 mulesoft-logo.png
threatstack.com/wp-content/uploads/2017/09/ 34 KB
34 KB 186ms
144ms Image
image/png 2606:4700::6811:51c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://threatstack.com/wp-content/uploads/2017/09/mulesoft-logo.png
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:51c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e1d9ec7a9f0e9158de909d60a48b1b4e49ab5a98d3dec3e21826310dbe5469

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
cf-cache-status: HIT
age: 9071
status: 200
content-length: 35044
last-modified: Sat, 23 Nov 2019 13:13:54 GMT
server: cloudflare
etag: "5dd93092-88e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://www.threatstack.com
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 55ffedbb5a0dd6c9-FRA
expires: Wed, 03 Feb 2021 22:02:24 GMT

GET
H2 200 onelogin-logo.png
go.threatstack.com/rs/463-FKF-758/images/ 29 KB
29 KB 183ms
180ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/onelogin-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3890516e57d6587f4c4c26f61f394852e0f21eaa175e207a62a81ecb446f662

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Jan 2020 16:34:32 GMT
server: cloudflare
etag: "1220e77-7434-59ce5550fff05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedbb2dfc6b53-LHR
content-length: 29748
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 lola-logo.png
go.threatstack.com/rs/463-FKF-758/images/ 16 KB
16 KB 191ms
188ms Image
image/png 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/lola-logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

391ae5434eccd0c4861b54d3ef6e8c591d2b5c9fd6d96107f2ee8d0517be725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Jan 2020 16:34:32 GMT
server: cloudflare
etag: "1220e76-3eb1-59ce5550ffb1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedbb2dfe6b53-LHR
content-length: 16049
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 external-scripts.min.js Show response
go.threatstack.com/rs/463-FKF-758/images/ 117 KB
38 KB 201ms
201ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/external-scripts.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12095c3b5552274789c452ef46cfc23da902af1bdec02a639ef20a7494e55312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 38452
last-modified: Sun, 19 Jan 2020 12:16:27 GMT
server: cloudflare
etag: "1220512-1d49e-59c7d24e99f27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedba0ce76b53-LHR
expires: Tue, 04 Feb 2020 22:03:23 GMT

GET
H2 200 scripts.js Show response
go.threatstack.com/rs/463-FKF-758/images/ 673 B
369 B 186ms
186ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/scripts.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2bfe88790852c91d39c37dea6f79bf93057bad29ec9167824d2b4d25a6a7536

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 243
last-modified: Sun, 19 Jan 2020 12:16:27 GMT
server: cloudflare
etag: "1220513-2a1-59c7d24ea3397"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedba1cee6b53-LHR
expires: Tue, 04 Feb 2020 22:03:23 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net// 1 KB
1 KB 120ms
39ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net//munchkin.js
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6c9094cac8fa542195988d92ed1705cf5c88cea911f55a85711ad27006041e75

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jan 2020 02:58:58 GMT
Server: Apache
ETag: "84c4b4b08c71ce1110818e8853f50222:1580180338"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 768

GET
H2 200 stripmkttok.js Show response
go.threatstack.com/js/ 2 KB
809 B 180ms
174ms Script
application/x-javascript 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/js/stripmkttok.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 678
last-modified: Wed, 15 Jan 2020 18:37:37 GMT
server: cloudflare
etag: "760400-602-59c3200aa1e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 55ffedbb2df76b53-LHR
expires: Wed, 05 Feb 2020 02:02:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 79 KB
26 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NWSQ37

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0350bd217bea0a3f13f2901e36ac13e07e55a63f60cbc416de5c1911b30972c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=300; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26566
x-xss-protection: 0
last-modified: Tue, 04 Feb 2020 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 Feb 2020 22:02:23 GMT

GET
H2 200 background.jpg
go.threatstack.com/rs/463-FKF-758/images/ 11 KB
11 KB 176ms
175ms Image
image/jpeg 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/background.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d2b3d31e5b26b8459ada015528ea2393440192f013e5bf620bd53c8c51ec1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Jan 2020 16:34:32 GMT
server: cloudflare
etag: "1220e78-2a6f-59ce555134eb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 55ffedbb3e106b53-LHR
content-length: 10863
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 montserrat-semibold-webfont.woff2
go.threatstack.com/rs/463-FKF-758/images/ 25 KB
26 KB 470ms
465ms Font
text/plain 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/montserrat-semibold-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

506b582d0a16be58881fa56c1017b51430cbba73697a879a77d7a274e58b0e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/rs/463-FKF-758/images/style.css
Origin: https://go.threatstack.com

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Jan 2020 12:16:29 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"1220515-65e0-59c7d2502c8a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
status: 200
cache-control: public, max-age=60
cf-ray: 55ffedbb3e156b53-LHR
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 lato-bold-webfont.woff2
go.threatstack.com/rs/463-FKF-758/images/ 25 KB
25 KB 190ms
185ms Font
text/plain 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/lato-bold-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521a4c4b77a15d98adcc9aa813cd9662f04ff532434e209cdbb8b39c5e4767f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/rs/463-FKF-758/images/style.css
Origin: https://go.threatstack.com

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Jan 2020 14:46:22 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"122055f-63b0-59c7f3d0b1fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
status: 200
cache-control: public, max-age=60
cf-ray: 55ffedbb4e196b53-LHR
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 lato-regular-webfont.woff2
go.threatstack.com/rs/463-FKF-758/images/ 24 KB
25 KB 607ms
603ms Font
text/plain 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/lato-regular-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f65b817702eccbcd14266ff4a627d4b1082a3d12923cf33037a435940c8fc98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/rs/463-FKF-758/images/style.css
Origin: https://go.threatstack.com

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Jan 2020 14:49:19 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"122056a-6180-59c7f4791fb75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
status: 200
cache-control: public, max-age=60
cf-ray: 55ffedbb4e1a6b53-LHR
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 forms2.css
go.threatstack.com/js/forms2/css/ 13 KB
3 KB 187ms
187ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/js/forms2/css/forms2.css

Requested by

Host: go.threatstack.com
URL: https://go.threatstack.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 2610
last-modified: Wed, 15 Jan 2020 18:37:37 GMT
server: cloudflare
etag: "c2055c-33f8-59c3200aa1e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 55ffedbb7e4a6b53-LHR
expires: Wed, 05 Feb 2020 02:02:24 GMT

GET
H2 200 forms2-theme-plain.css
go.threatstack.com/js/forms2/css/ 828 B
342 B 180ms
180ms Stylesheet
text/css 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: go.threatstack.com
URL: https://go.threatstack.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200
content-length: 246
last-modified: Wed, 15 Jan 2020 18:37:37 GMT
server: cloudflare
etag: "c20550-33c-59c3200aa1e40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 55ffedbb7e4c6b53-LHR
expires: Wed, 05 Feb 2020 02:02:24 GMT

GET
H2 200 getKnownLead Show response
go.threatstack.com/index.php/form/ 71 B
173 B 454ms
453ms XHR
application/json 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/index.php/form/getKnownLead?form=1489&lpId=3538&munchkinId=463-FKF-758&filledFields=true&mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D

Requested by

Host: go.threatstack.com
URL: https://go.threatstack.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b552f280815787074f2aab8633b9793d39e7d673df52081d9c34d89d1ff0ba56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 55ffedbb8e516b53-LHR
content-length: 82

GET
H2 200 montserrat-bold-webfont.woff2
go.threatstack.com/rs/463-FKF-758/images/ 26 KB
26 KB 178ms
178ms Font
text/plain 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.threatstack.com/rs/463-FKF-758/images/montserrat-bold-webfont.woff2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e38463d254689e90cc025b9ba37e37ba6b85bc91169da67fe608a95fbe05240c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/rs/463-FKF-758/images/style.css
Origin: https://go.threatstack.com

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Jan 2020 12:16:28 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"1220514-680c-59c7d24fd040e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
status: 200
cache-control: public, max-age=60
cf-ray: 55ffedbb8e5e6b53-LHR
expires: Tue, 04 Feb 2020 22:03:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWSQ37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 833
date: Tue, 04 Feb 2020 21:48:30 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Tue, 04 Feb 2020 23:48:30 GMT

GET
H/1.1 200
OK rtp.js Show response
sjrtp7-cdn.marketo.com/rtp-api/v1/ 148 KB
41 KB 449ms
284ms Script
application/x-javascript 95.100.75.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack

Requested by

Host: info.threatstack.com
URL: https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.75.224 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-75-224.deploy.static.akamaitechnologies.com

Software

Jetty(7.3.1.v20110307) /

Resource Hash

21d9ecd4bb513d28b2a99eee33951d814853a8887cbcc53b6add7296e76d6dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Last-Modified: Sat, 18 Jan 2020 22:53:44 GMT
Server: Jetty(7.3.1.v20110307)
Date: Tue, 04 Feb 2020 22:02:24 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=138
Connection: keep-alive
Content-Length: 41413

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=387479823&t=pageview&_s=1&dl=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPb...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_gid=1540645646.1580853744&gjid=1882332977&_v=j80&z=8407081
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_v=j80&z=8407081
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_v=j80&z=8407081&slf_rd=1&random=812286495

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_v=j80&z=8407081&slf_rd=1&random=812286495

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 Feb 2020 22:02:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-45015654-1&cid=1270152122.1580853744&jid=2140391806&_v=j80&z=8407081&slf_rd=1&random=812286495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/156/ 9 KB
5 KB 39ms
38ms Script
application/x-javascript 95.101.176.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/156/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-176-176.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 20:22:41 GMT
Server: Apache
ETag: "24e78e4d5137c385c6e3393d80cfd6bf:1568751761"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4198
Expires: Thu, 14 May 2020 22:02:23 GMT

GET
H/1.1 200
OK visitWebPage Show response
463-fkf-758.mktoresp.com/webevents/ 2 B
303 B 761ms
170ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://463-fkf-758.mktoresp.com/webevents/visitWebPage?_mchNc=1580853744007&_mchCn=app-attack-sim&_mchId=463-FKF-758&_mchTk=_mch-threatstack.com-1580853744007-64225&mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D&_mchWs=j1RR&_mchHo=go.threatstack.com&_mchPo=&_mchRu=%2Fapp-attack-sim.html&_mchPc=https%3A&_mchVr=156&_mchHa=&_mchRe=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&_mchQp=mkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/156/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Origin: https://go.threatstack.com

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 Feb 2020 22:02:24 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: 859b95f8-6f8a-4abd-9fbd-c123b5753302
Content-Type: text/plain; charset=UTF-8

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 126ms
49ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWSQ37

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
server: cafe
etag: 8273558640064030436
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 Feb 2020 22:02:24 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: info.threatstack.com
URL: https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=26802
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 79v2tv4a7dxf.js Show response
js.driftt.com/include/1580853900000/ 136 KB
45 KB 161ms
161ms Script
application/javascript 143.204.214.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1580853900000/79v2tv4a7dxf.js

Requested by

Host: info.threatstack.com
URL: https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.90 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-214-90.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

99522f1a9ecb12731f68d90aca16453bf772ac84c8250f45f715c1daaa2a4dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jan 2020 17:34:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7cSDdhWEfE7y0iHheP1SzahpmcS5auwDnb9m5WKWKyNGMLEkv-03hg==

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 86 KB
33 KB 114ms
30ms Script
application/x-javascript 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWSQ37
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D3F) / ASP.NET
Resource Hash: cdfad57db2880222da0a5b5d756c3e306f7620ff4c3a40bffb351d5182f3e9b7

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2020 12:07:30 GMT
server: ECS (lcy/1D3F)
age: 421386
x-powered-by: ASP.NET
etag: "c6186ae9cd6d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 33400

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 109ms
26ms Script
application/javascript 23.111.9.64
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://scout-cdn.salesloft.com/sl.js
Requested by: Host: info.threatstack.com
URL: https://info.threatstack.com/S02D1j0WFFK0405s0s0004YD0SH00
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 91f45811a83ee1bd3005eb6df52ef0bf69c1ee66ce0a3b812bc1fbca392473ee

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
last-modified: Mon, 07 Jan 2019 19:21:23 GMT
server: NetDNA-cache/2.2
x-amz-request-id: A90526E7AA00BAA6
etag: W/"5ae62e3d1adb9aa509b61aed2f35d9d2"
x-cache: HIT
content-type: application/javascript
status: 200
x-amz-id-2: siou5BS/WJqukT4sn/YjI3KNf+TVWOglDn39we+GIcxhZcVgEuK/gJJSTWoigiQzQMQtyY7sBOU=

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=376172&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVox...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D376172%26url%3Dhttps%253A%252F%252Fgo.threatstack.com%252Fapp-attack-sim.html%253...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=376172&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVox...

0
256 B

167ms
167ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=376172&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&time=1580853744025&liSync=true
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: 33QL1xpS8BVAgZU7lysAAA==

Redirect headers

date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-xss-protection: 1; mode=block
server: Play
pragma: no-cache
x-li-pop: prod-tln1
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: ayedyRpS8BVAzKwP6CoAAA==
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=376172&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&time=1580853744025&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
x-li-fabric: prod-lor1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK r Show response
scout.salesloft.com/ 41 B
437 B 497ms
120ms XHR
application/json 35.169.141.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0Ijo5OTg2fQ.C5uXeNcwH6Rlq3qBpomdFXr45JQURQE1c6AC7FS_vvA
Requested by: Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.141.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-141-254.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Origin: https://go.threatstack.com

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
server: Cowboy
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.threatstack.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 2no546mva2n6canp144f5b12

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/956811692/ 3 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956811692/?random=1580853744167&cv=9&fst=1580853744167&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&ref=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&tiba=Webinar%20Registration&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac71c2eca4a05e1f2fac31001db4ec2121ee5aca93c68c428f6ccb19db75c5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
347 B 27ms
26ms Image
image/gif 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&_biz_h=-1906410348&_biz_u=8caf555a3eb24335bbd62467fefc9bcf&_biz_s=66942a&_biz_l=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&_biz_t=1580853744192&_biz_i=Webinar%20Registration&_biz_n=0&rnd=84737&cdn_o=a&_biz_z=1580853744195
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D2F) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
x-aspnet-version: 4.0.30319
age: 591181
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
content-length: 43
pragma: no-cache
x-aspnetmvc-version: 5.2
last-modified: Wed, 29 Jan 2020 01:49:23 GMT
server: ECS (lcy/1D2F)
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
expires: -1

GET
H2 200 /
www.google.com/pagead/1p-user-list/956811692/ 42 B
118 B 21ms
20ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/956811692/?random=1580853744167&cv=9&fst=1580853600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1m0&sendb=1&frm=0&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&ref=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&tiba=Webinar%20Registration&async=1&fmt=3&is_vtc=1&random=377480666&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/956811692/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/956811692/?random=1580853744167&cv=9&fst=1580853600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg1m0&sendb=1&frm=0&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&ref=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&tiba=Webinar%20Registration&async=1&fmt=3&is_vtc=1&random=377480666&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 22:02:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BizibleAcct.js Show response
cdn.bizible.com/ 378 B
523 B 126ms
126ms Script
text/javascript 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/BizibleAcct.js?_biz_u=8caf555a3eb24335bbd62467fefc9bcf&_biz_h=-1906410348&cdn_o=a&jsVer=4.19.11.01
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8596151adbdfad156c23015482f07abf6798763fda5e8eea3114d5629787c3bb

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
etag: 6BCD83F7
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 325

GET
H2 200 u
cdn.bizible.com/m/ 43 B
124 B 28ms
27ms Image
image/gif 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A463-FKF-758%26token%3A_mch-threatstack.com-1580853744007-64225&_biz_u=8caf555a3eb24335bbd62467fefc9bcf&_biz_s=66942a&_biz_l=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&_biz_t=1580853744198&_biz_i=Webinar%20Registration&_biz_n=1&rnd=178014&cdn_o=a&_biz_z=1580853744300
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D68) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
x-aspnet-version: 4.0.30319
age: 408302
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
content-length: 43
pragma: no-cache
x-aspnetmvc-version: 5.2
last-modified: Fri, 31 Jan 2020 04:37:22 GMT
server: ECS (lcy/1D68)
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
expires: -1

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 148ms
67ms Script
application/x-javascript 95.100.75.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: sjrtp7-cdn.marketo.com
URL: https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.224 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 119ms
38ms Stylesheet
text/css 95.100.75.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: sjrtp7-cdn.marketo.com
URL: https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.224 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
sjrtp7.marketo.com/gw1/ 0
435 B 821ms
166ms Script
application/x-javascript 192.28.146.117
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp7.marketo.com/gw1/trw?aid=threatstack&ref=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&trwv.uid=threatstack-1580853744438-7cc2aa3f&trwv.vc=1&trwsa.sid=threatstack-1580853744439-c457abee&trwsb.cpv=1&ctzo=+01:00&uri=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&ma=id%3A463-FKF-758%26token%3A_mch-threatstack.com-1580853744007-64225&pm=&viewedTypes=&rts=1580853744441

Requested by

Host: sjrtp7-cdn.marketo.com
URL: https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.146.117 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:25 GMT
Cache-Control: no-cache
Server: Jetty(7.3.1.v20110307)
Connection: close
Content-Length: 0
Strict-Transport-Security: max-age=63113904
Content-Type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK ga-integration-2.0.2.js Show response
rtp-static.marketo.com/rtp/libs/ 15 KB
5 KB 115ms
39ms Script
application/x-javascript 95.100.75.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.2.js
Requested by: Host: sjrtp7-cdn.marketo.com
URL: https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.224 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Jul 2018 13:42:27 GMT
Server: AkamaiNetStorage
ETag: "52b7a5deba12e7e1147fcebaa9fd9691:1530625347"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 4977

GET
H/1.1 200
OK msg Show response
sjrtp7.marketo.com/gw1/ 0
494 B 771ms
166ms Script
text/javascript 192.28.146.117
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp7.marketo.com/gw1/msg?a=2&sid=threatstack-1580853744439-c457abee&aid=threatstack&ma=id%3A463-FKF-758%26token%3A_mch-threatstack.com-1580853744007-64225&viewedTypes=&0.061664586014787526&rts=1580853744492

Requested by

Host: sjrtp7-cdn.marketo.com
URL: https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.146.117 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:25 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63113904
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Connection: close

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 60ms
59ms Script
application/x-javascript 95.100.75.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: sjrtp7-cdn.marketo.com
URL: https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.224 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H/1.1 200
OK i Show response
scout.salesloft.com/ 48 B
583 B 157ms
157ms XHR
application/json 35.169.141.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://scout.salesloft.com/i
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.141.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-141-254.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 9cfeeaf304d0aa88824bab58d83f6ad426a05a4c61629b3b6f88a46e90661bbf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Origin: https://go.threatstack.com

Response headers

date: Tue, 04 Feb 2020 22:02:23 GMT
server: Cowboy
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.threatstack.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 2no546n95eab2anp144dmg13

GET
H/1.1 200
OK us
scout.us1.salesloft.com/ 42 B
371 B 516ms
147ms Image
image/gif 35.169.141.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scout.us1.salesloft.com/us?type=landed&hitId=76446323&rand=1685038916&monitorResolution=1600x1200&viewportResolution=1600x1200&pageTitle=Webinar%20Registration&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&sessionCount=1&hasWS=true&time=668&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&guid=35baec12-e2d2-4ddd-9279-00dcdcaf1304&tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0Ijo5OTg2fQ.C5uXeNcwH6Rlq3qBpomdFXr45JQURQE1c6AC7FS_vvA
Requested by: Host: go.threatstack.com
URL: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.141.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-141-254.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:24 GMT
server: Cowboy
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 42
x-request-id: 2no546o851adm5t2hc4mj1i7

GET
H/1.1 200
OK msg Show response
sjrtp7.marketo.com/gw1/ 0
494 B 499ms
167ms Script
text/javascript 192.28.146.117
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: sjrtp7-cdn.marketo.com
URL: https://sjrtp7-cdn.marketo.com/rtp-api/v1/rtp.js?aid=threatstack

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.146.117 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html?mkt_tok=eyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 04 Feb 2020 22:02:25 GMT
Content-Encoding: gzip
Server: Jetty(7.3.1.v20110307)
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63113904
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-cache
Connection: close

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
111 B 69ms
68ms Image
image/gif 93.184.220.178
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&_biz_h=-1906410348&_biz_u=8caf555a3eb24335bbd62467fefc9bcf&_biz_s=66942a&_biz_l=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html&_biz_t=1580853745777&_biz_i=Webinar%20Registration&_biz_n=2&rnd=974392&cdn_o=a&_biz_z=1580853745779
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D2F) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:25 GMT
x-aspnet-version: 4.0.30319
age: 591182
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
content-length: 43
pragma: no-cache
x-aspnetmvc-version: 5.2
last-modified: Wed, 29 Jan 2020 01:49:23 GMT
server: ECS (lcy/1D2F)
content-type: Image/GIF
cache-control: no-cache, no-store
accept-ranges: bytes
expires: -1

GET
H/1.1 200
OK visitor Show response
sjrtp7.marketo.com/gw1/rtp/api/v1_1/ 272 B
920 B 672ms
169ms XHR
application/json 192.28.146.117
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp7.marketo.com/gw1/rtp/api/v1_1/visitor?sid=threatstack-1580853744439-c457abee&aid=threatstack&1580853745804

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.146.117 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

31c85c725e12e05a6717e587b195a4120e58028ea600d3f239ba4f6f85810e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/app-attack-sim.html
Origin: https://go.threatstack.com

Response headers

Pragma: no-cache
Date: Tue, 04 Feb 2020 22:02:26 GMT
Content-Encoding: gzip
Last-Modified: Tue Feb 04 16:02:26 CST 2020
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://go.threatstack.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
sjrtp7.marketo.com/gw1/ga/ 48 B
500 B 669ms
167ms XHR
text/json 192.28.146.117
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://sjrtp7.marketo.com/gw1/ga/sgm?sid=threatstack-1580853744439-c457abee&1580853745850

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.28.146.117 , United States, ASN53580 (MARKETO, US),

Reverse DNS

Software

Jetty(7.3.1.v20110307) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/app-attack-sim.html
Origin: https://go.threatstack.com

Response headers

Date: Tue, 04 Feb 2020 22:02:26 GMT
Server: Jetty(7.3.1.v20110307)
Strict-Transport-Security: max-age=63113904
Content-Type: text/json;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 487F 0
0 41ms
40ms Document
text/html 143.204.214.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1580853900000/79v2tv4a7dxf.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.214.90 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-214-90.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://go.threatstack.com/app-attack-sim.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: https://go.threatstack.com/app-attack-sim.html

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Tue, 28 Jan 2020 17:34:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 04 Feb 2020 22:02:25 GMT
etag: "508cd46eba6fe217807e5e413cb0a3ab"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: KHL_TBT706RJlBJyInibqkZN7C9wmEnnmNLUBOGiPw50HfdHflrRRA==

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=387479823&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&dr=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&ul=en-us&de=UTF-8&dt=Webinar%20Registration&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=RTP&ea=Organization&el=Net1%20Gmbh&_u=aHBAAEAB~&jid=&gjid=&cid=1270152122.1580853744&tid=UA-45015654-1&_gid=1540645646.1580853744&gtm=2wg1m0NWSQ37&cd1=Net1%20Gmbh&z=2092712851

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 07:00:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54135
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=387479823&t=event&ni=1&_s=3&dl=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&dr=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&ul=en-us&de=UTF-8&dt=Webinar%20Registration&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%2067315&_u=aHBAAEAB~&jid=&gjid=&cid=1270152122.1580853744&tid=UA-45015654-1&_gid=1540645646.1580853744&gtm=2wg1m0NWSQ37&cd1=Net1%20Gmbh&z=925179090

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 07:00:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54137
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=387479823&t=event&ni=1&_s=4&dl=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&dr=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&ul=en-us&de=UTF-8&dt=Webinar%20Registration&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Message%20Received&el=Playbook%20ID%3A%2067315&_u=aHBAAEAB~&jid=&gjid=&cid=1270152122.1580853744&tid=UA-45015654-1&_gid=1540645646.1580853744&gtm=2wg1m0NWSQ37&cd1=Net1%20Gmbh&z=604092299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 07:00:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54137
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j80&a=387479823&t=event&ni=1&_s=5&dl=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html%3Fmkt_tok%3DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%253D&dr=https%3A%2F%2Finfo.threatstack.com%2FS02D1j0WFFK0405s0s0004YD0SH00&ul=en-us&de=UTF-8&dt=Webinar%20Registration&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Drift%20Widget&ea=Message%20Received&el=Playbook%20ID%3A%2067315&_u=aHBAAEAB~&jid=&gjid=&cid=1270152122.1580853744&tid=UA-45015654-1&_gid=1540645646.1580853744&gtm=2wg1m0NWSQ37&cd1=Net1%20Gmbh&z=1698494123

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Feb 2020 07:00:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54138
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK us
scout.us1.salesloft.com/ 42 B
371 B 123ms
123ms Image
image/gif 35.169.141.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scout.us1.salesloft.com/us?type=tick&hitId=76446323&rand=724922124&monitorResolution=1600x1200&viewportResolution=1600x1200&pageTitle=Webinar%20Registration&url=https%3A%2F%2Fgo.threatstack.com%2Fapp-attack-sim.html&sessionCount=2&hasWS=true&time=5669&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_6)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F79.0.3945.88%20Safari%2F537.36&guid=35baec12-e2d2-4ddd-9279-00dcdcaf1304&tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0Ijo5OTg2fQ.C5uXeNcwH6Rlq3qBpomdFXr45JQURQE1c6AC7FS_vvA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.141.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-141-254.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://go.threatstack.com/app-attack-sim.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 04 Feb 2020 22:02:28 GMT
server: Cowboy
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 42
x-request-id: 2no5470qos4vg5t2hc50hm85

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.threatstack.com/	1970-01-21 02:55:33	Name: sliguid Value: 35baec12-e2d2-4ddd-9279-00dcdcaf1304
.threatstack.com/	1970-01-19 07:07:35	Name: trwsa.sid Value: threatstack-1580853744439-c457abee%3A1
.threatstack.com/	1970-01-20 00:38:45	Name: trwv.uid Value: threatstack-1580853744438-7cc2aa3f%3A1
.threatstack.com/	1970-01-19 15:53:09	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
go.threatstack.com/	1970-01-20 00:40:12	Name: driftt_aid Value: 78ddb7a6-0ba1-47bc-86e9-1a60e19fec81
.threatstack.com/	1970-01-19 07:07:35	Name: _biz_sid Value: 66942a
go.threatstack.com/	1970-01-19 07:17:38	Name: slireg Value: https://scout.us1.salesloft.com
.threatstack.com/	1970-01-20 00:38:45	Name: _mkto_trk Value: id:463-FKF-758&token:_mch-threatstack.com-1580853744007-64225
.threatstack.com/	1970-01-19 15:53:09	Name: _biz_pendingA Value: %5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Fgo.threatstack.com%252Fapp-attack-sim.html%253Fmkt_tok%253DeyJpIjoiT1RWak5EVmtaRFZtTlRkbSIsInQiOiJCTFRPbFl5akxsZkJzSXlUMHo5TVoxYTB5QlhXaUJzK0k2WEZhVTM0TnVDeTZQQUIwWFFvczFtYW56SXFBeXVZYzJ6K1NKN2FzQTJUd2VVMWxvR2Q1XC9NU2VlKzRQam1mSUxxMnJEYU5TZG96anVncHduSWtDUEE5YmNpZ3MzTWdtWGI3eHBKRDB1dnp3KzgwdFh3XC9EZz09In0%25253D%26_biz_h%3D-1906410348%26_biz_u%3D8caf555a3eb24335bbd62467fefc9bcf%26_biz_s%3D66942a%26_biz_l%3Dhttps%253A%252F%252Fgo.threatstack.com%252Fapp-attack-sim.html%26_biz_t%3D1580853745777%26_biz_i%3DWebinar%2520Registration%26_biz_n%3D2%26rnd%3D974392%22%5D
.threatstack.com/	1970-01-19 07:09:00	Name: _gid Value: GA1.2.1540645646.1580853744
.go.threatstack.com/	1970-01-19 07:50:45	Name: __cfduid Value: de87ce666cb29973d39479538bd81d48c1580853743
.threatstack.com/	1970-01-19 15:53:09	Name: _biz_uid Value: 8caf555a3eb24335bbd62467fefc9bcf
.threatstack.com/	1970-01-19 07:07:33	Name: _gat_UA-45015654-1 Value: 1
.threatstack.com/	1970-01-20 00:38:45	Name: _ga Value: GA1.2.1270152122.1580853744
.threatstack.com/	1970-01-19 15:53:09	Name: _biz_nA Value: 3
.threatstack.com/	1970-01-19 07:50:45	Name: __cfduid Value: dcec7f3c26b1d7afaaee2501929664d3b1580853743
go.threatstack.com/	1970-01-21 02:55:33	Name: slirequested Value: true
.go.threatstack.com/	1970-01-19 07:07:35	Name: __cf_bm Value: 1f4bb2aeae698a309bf72b27f5c54cb1154eb9f9-1580853743-1800-AavUmHavw20X6gxRcs8HENs5LXhSPxTPBQzfl+TbLZy3y1orZpDIkae4l2pRnkDJfsuIUOl1gjUl82o2eTW0Xr4=
go.threatstack.com/	1969-12-31 23:59:59	Name: BIGipServersj20web-nginx-app_https Value: !pEbQEx0aPQSohyPInuzRy4alk/3R/kzdbn3nLJsbp6YXD3t+C8lmvydn+s20ENi5pDUifQk3MXj4Pog=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/156/munchkin.js(Line 19) Message: Munchkin.init("%s") options: 463-FKF-758 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

463-fkf-758.mktoresp.com
cdn.bizible.com
go.threatstack.com
googleads.g.doubleclick.net
info.threatstack.com
js.driftt.com
munchkin.marketo.net
na-ab19.marketo.com
px.ads.linkedin.com
rtp-static.marketo.com
scout-cdn.salesloft.com
scout.salesloft.com
scout.us1.salesloft.com
sjrtp7-cdn.marketo.com
sjrtp7.marketo.com
snap.licdn.com
stats.g.doubleclick.net
threatstack.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.16.96.80
104.17.70.206
104.17.72.206
143.204.214.90
172.217.18.2
192.28.146.117
192.28.147.68
23.111.9.64
2606:4700::6811:51c3
2a00:1450:4001:817::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9a
2a02:26f0:6c00:296::25ea
2a05:f500:11:101::b93f:9001
2a05:f500:11:101::b93f:9005
35.169.141.254
93.184.220.178
95.100.75.224
95.101.176.176
0350bd217bea0a3f13f2901e36ac13e07e55a63f60cbc416de5c1911b30972c6
10e1d9ec7a9f0e9158de909d60a48b1b4e49ab5a98d3dec3e21826310dbe5469
12095c3b5552274789c452ef46cfc23da902af1bdec02a639ef20a7494e55312
19bed22e06b1c797c59db4fc9a38b8c5582e499559a86cf940ae84163b8b5799
21d8bce7f93483ce0a78609af0f6b5a047eb060997b4928e3fb03d4bd8467266
21d9ecd4bb513d28b2a99eee33951d814853a8887cbcc53b6add7296e76d6dca
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
31c85c725e12e05a6717e587b195a4120e58028ea600d3f239ba4f6f85810e1a
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
387a1453ecb35b72b3d8713369e7167b600472880b0b34fa496eb8f9e0c7d728
391ae5434eccd0c4861b54d3ef6e8c591d2b5c9fd6d96107f2ee8d0517be725b
397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b
414777c2a28e0a9a179bdfcba83b678d33fc73cca58aa7a2dd1190ecac2f93d3
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
496256258aa3081dbd5b1d4087d5dc74ebe1b117b3bd36e32ff8ffa741443c9b
506b582d0a16be58881fa56c1017b51430cbba73697a879a77d7a274e58b0e7c
521a4c4b77a15d98adcc9aa813cd9662f04ff532434e209cdbb8b39c5e4767f5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5c89d83668b8c076acf42e3003644505f7e6d79da34e0dc497efa7eedb7d72d8
5f3a3b79787d6827e01289f2bedd3b6d7a6ce22312f75670f7f828a4cc14348c
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6c9094cac8fa542195988d92ed1705cf5c88cea911f55a85711ad27006041e75
7f65b817702eccbcd14266ff4a627d4b1082a3d12923cf33037a435940c8fc98
7fb58f6c6c2c3b61909e3b4bb9e199d95d5e2a4e39b58f25d1a9894971ed16b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8596151adbdfad156c23015482f07abf6798763fda5e8eea3114d5629787c3bb
91f45811a83ee1bd3005eb6df52ef0bf69c1ee66ce0a3b812bc1fbca392473ee
9711b3826b42c29d3a88964bb4b542dd64ae2f000a5ef23cec6fc52fd20958d8
99522f1a9ecb12731f68d90aca16453bf772ac84c8250f45f715c1daaa2a4dac
9cfeeaf304d0aa88824bab58d83f6ad426a05a4c61629b3b6f88a46e90661bbf
9d2b3d31e5b26b8459ada015528ea2393440192f013e5bf620bd53c8c51ec1f4
ac71c2eca4a05e1f2fac31001db4ec2121ee5aca93c68c428f6ccb19db75c5db
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b3890516e57d6587f4c4c26f61f394852e0f21eaa175e207a62a81ecb446f662
b552f280815787074f2aab8633b9793d39e7d673df52081d9c34d89d1ff0ba56
cc27845c4ba2580588d37b6d48939e7b833faeefa237e927860054226a0ad6f9
cdfad57db2880222da0a5b5d756c3e306f7620ff4c3a40bffb351d5182f3e9b7
d08f291bcb83079b1333094f4c021641b33182915b5e74ae8bddf5d7b4fd4698
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
e2bfe88790852c91d39c37dea6f79bf93057bad29ec9167824d2b4d25a6a7536
e38463d254689e90cc025b9ba37e37ba6b85bc91169da67fe608a95fbe05240c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6e7e0830124ea580b3f0de0da80ba48a45d9df9d7c092af0f47c63ed0692578
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715

go.threatstack.com Open in urlscan Pro 104.17.72.206 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

45 %IPv6

15 Domains

24 Subdomains

20 IPs

6 Countries

668 kBTransfer

1567 kBSize

19 Cookies

3 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

go.threatstack.com Open in urlscan Pro
104.17.72.206 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

45 %
IPv6

15
Domains

24
Subdomains

20
IPs

6
Countries

668 kB
Transfer

1567 kB
Size

19
Cookies

63 HTTP transactions
0 data transactions